Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
File:                     OPp_x3GCjPs5cigk9_3z7cSzxSk.mft (raw, json)
Hash identifier:          4qSebVhQHJYdtWTkXGOPeOI1d1+CXh0o42q2z5PIIOY=
Subject key identifier:   77:13:AA:C0:5F:A8:38:54:A2:C3:F2:D7:CF:99:3E:5C:89:D3:EA:33
Authority key identifier: 38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29
Certificate issuer:       /CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529
Certificate serial:       019D265F1CF41C9CD4DBBED97DDB4F279B1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
Manifest number:          027B
Signing time:             Wed 25 Mar 2026 19:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:00 +0000
Files and hashes:         1: OPp_x3GCjPs5cigk9_3z7cSzxSk.crl (hash: HGAMusDy51tsozs6DkjiA6EdqtxU2Bqyswhz6VMfytk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:1c:f4:1c:9c:d4:db:be:d9:7d:db:4f:27:9b:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529
        Validity
            Not Before: Mar 25 19:01:00 2026 GMT
            Not After : Mar 26 19:01:00 2026 GMT
        Subject: CN=7713aac05fa83854a2c3f2d7cf993e5c89d3ea33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:27:c6:32:e0:a8:45:c9:2d:7f:b2:ba:6d:0b:
                    27:e1:c4:54:f1:a5:6a:ad:e6:c4:7b:e1:a1:7c:8d:
                    e7:3d:00:4a:57:95:c0:01:6f:65:e9:05:ea:82:c5:
                    24:c3:e4:45:86:73:b9:c9:5e:aa:fd:dc:92:88:bb:
                    b1:63:8c:66:bc:0f:46:a1:51:7b:15:3e:71:45:7f:
                    9f:a2:7d:77:69:c3:64:51:b2:04:a2:97:4d:96:02:
                    85:de:2e:6f:92:c4:9b:03:a2:b3:a6:57:3b:51:f7:
                    05:a4:d3:28:1e:bc:20:a0:13:24:65:4f:2d:f3:0f:
                    0e:46:49:ce:eb:c9:a4:85:c1:3b:60:a4:a2:ca:90:
                    d7:a6:8d:2a:20:a1:c0:14:bb:3a:f1:dc:b3:f1:5f:
                    df:54:7c:fe:0b:c2:41:98:8b:df:80:8b:cd:4f:6d:
                    86:db:21:4e:ff:91:b0:19:21:0a:b1:a7:ed:fe:c6:
                    45:bf:51:e5:b5:ba:30:4c:a4:3c:30:6b:a4:5b:0d:
                    3a:bc:9a:9c:57:48:74:36:10:75:1b:7b:82:f9:d7:
                    c5:22:42:a6:bd:99:7b:2f:ce:4d:26:b3:f4:3d:f0:
                    76:6e:f0:9b:d1:93:ab:a0:b3:5a:3a:b0:5d:24:cd:
                    bb:11:93:76:8a:c7:9b:77:65:a8:76:75:a3:59:35:
                    c3:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:13:AA:C0:5F:A8:38:54:A2:C3:F2:D7:CF:99:3E:5C:89:D3:EA:33
            X509v3 Authority Key Identifier:
                keyid:38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:1f:51:80:3d:de:65:33:f3:83:42:c1:cf:2f:0f:53:f0:fc:
         d0:37:e3:b5:c3:b8:04:4c:cf:d0:e1:70:6f:30:eb:6b:de:b8:
         a9:17:23:c6:2f:e3:ba:e8:8c:8f:a6:9d:02:ac:ea:fb:3d:14:
         78:bf:be:83:eb:18:67:32:43:92:ba:56:42:8d:9a:2e:ec:a0:
         79:75:e8:9b:61:21:47:df:46:c5:c0:a8:09:68:f9:08:f0:26:
         13:07:e5:ee:e6:07:3d:5b:12:9a:ff:48:80:d9:58:55:eb:7b:
         76:03:f6:ba:f7:fb:7d:cf:b3:f3:d2:88:06:68:a2:ce:05:63:
         ab:8a:73:8f:13:c6:44:ef:ec:a1:2e:7e:87:c1:dd:3e:39:d0:
         53:01:b9:75:77:01:ca:6a:f4:62:66:40:21:aa:54:78:d2:27:
         37:59:a2:58:59:77:aa:f0:71:2e:46:25:63:ed:e4:4d:52:99:
         08:b4:22:ad:34:0b:03:7c:8f:99:3d:c9:15:57:99:f8:67:fd:
         89:c9:d4:15:87:1a:6a:e7:ad:5d:8a:f0:fd:b6:1e:5a:6f:5b:
         07:1f:cb:4b:ef:04:b6:6f:7f:0e:54:04:ef:a2:7c:d0:f0:9a:
         8e:f6:56:4f:c2:09:70:97:c0:1c:70:4a:f9:97:17:4e:f7:32:
         fb:2f:68:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXxz0HJzU277ZfdtPJ5saMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZmE3ZmM3NzE4MjhjZmIzOTcyMjgyNGY3ZmRmM2VkYzRi
M2M1MjkwHhcNMjYwMzI1MTkwMTAwWhcNMjYwMzI2MTkwMTAwWjAzMTEwLwYDVQQD
Eyg3NzEzYWFjMDVmYTgzODU0YTJjM2YyZDdjZjk5M2U1Yzg5ZDNlYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSfGMuCoRcktf7K6bQsn4cRU8aVq
rebEe+GhfI3nPQBKV5XAAW9l6QXqgsUkw+RFhnO5yV6q/dySiLuxY4xmvA9GoVF7
FT5xRX+fon13acNkUbIEopdNlgKF3i5vksSbA6Kzplc7UfcFpNMoHrwgoBMkZU8t
8w8ORknO68mkhcE7YKSiypDXpo0qIKHAFLs68dyz8V/fVHz+C8JBmIvfgIvNT22G
2yFO/5GwGSEKsaft/sZFv1HltbowTKQ8MGukWw06vJqcV0h0NhB1G3uC+dfFIkKm
vZl7L85NJrP0PfB2bvCb0ZOroLNaOrBdJM27EZN2isebd2WodnWjWTXDGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcTqsBfqDhUosPy18+ZPlyJ0+ozMB8GA1UdIwQY
MBaAFDj6f8dxgoz7OXIoJPf98+3Es8UpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYt
MTI5Nzc4Mjc1NWZkLzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYtMTI5Nzc4Mjc1NWZk
LzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATx9RgD3e
ZTPzg0LBzy8PU/D80DfjtcO4BEzP0OFwbzDra964qRcjxi/juuiMj6adAqzq+z0U
eL++g+sYZzJDkrpWQo2aLuygeXXom2EhR99GxcCoCWj5CPAmEwfl7uYHPVsSmv9I
gNlYVet7dgP2uvf7fc+z89KIBmiizgVjq4pzjxPGRO/soS5+h8HdPjnQUwG5dXcB
ymr0YmZAIapUeNInN1miWFl3qvBxLkYlY+3kTVKZCLQirTQLA3yPmT3JFVeZ+Gf9
icnUFYcaauetXYrw/bYeWm9bBx/LS+8Etm9/DlQE76J80PCajvZWT8IJcJfAHHBK
+ZcXTvcy+y9oSQ==
-----END CERTIFICATE-----